mirror of
https://github.com/pestphp/pest.git
synced 2026-06-05 02:52:12 +02:00
14 lines
691 B
Markdown
14 lines
691 B
Markdown
# Security Policy
|
|
|
|
**PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, [SEE BELOW](#reporting-a-vulnerability).**
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability in Pest, please report it privately using one of the following channels:
|
|
|
|
1. **GitHub Private Vulnerability Reporting** (preferred) — go to the repository's **Security** tab and click **"Report a vulnerability"**. This creates a private advisory visible only to maintainers and provides a structured workflow for triage, fix coordination, and CVE assignment.
|
|
|
|
2. **Email** — send the details to Nuno Maduro at **enunomaduro@gmail.com**.
|
|
|
|
All security vulnerabilities will be promptly addressed.
|